aws-sdk 1.30.1 → 1.31.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/lib/aws/api_config/CloudFront-2013-11-11.yml +2886 -0
- data/lib/aws/api_config/CloudTrail-2013-11-01.yml +36 -0
- data/lib/aws/api_config/ElasticTranscoder-2012-09-25.yml +67 -446
- data/lib/aws/auto_scaling.rb +0 -1
- data/lib/aws/auto_scaling/client.rb +2 -0
- data/lib/aws/cloud_formation.rb +0 -1
- data/lib/aws/cloud_formation/client.rb +2 -0
- data/lib/aws/cloud_front.rb +0 -1
- data/lib/aws/cloud_front/client.rb +6 -6
- data/lib/aws/cloud_search.rb +0 -1
- data/lib/aws/cloud_search/client.rb +3 -0
- data/lib/aws/cloud_trail.rb +0 -1
- data/lib/aws/cloud_trail/client.rb +2 -0
- data/lib/aws/cloud_watch.rb +0 -1
- data/lib/aws/cloud_watch/client.rb +2 -0
- data/lib/aws/core.rb +8 -6
- data/lib/aws/core/client.rb +30 -4
- data/lib/aws/core/configuration.rb +1 -1
- data/lib/aws/core/http/request.rb +2 -1
- data/lib/aws/core/signers/base.rb +46 -0
- data/lib/aws/core/signers/cloud_front.rb +56 -0
- data/lib/aws/core/signers/s3.rb +159 -0
- data/lib/aws/core/signers/version_2.rb +72 -0
- data/lib/aws/core/signers/version_3.rb +86 -0
- data/lib/aws/core/signers/version_3_https.rb +61 -0
- data/lib/aws/core/signers/version_4.rb +228 -0
- data/lib/aws/core/signers/version_4/chunk_signed_stream.rb +191 -0
- data/lib/aws/data_pipeline.rb +0 -1
- data/lib/aws/data_pipeline/client.rb +3 -0
- data/lib/aws/direct_connect.rb +0 -1
- data/lib/aws/direct_connect/client.rb +3 -0
- data/lib/aws/dynamo_db.rb +0 -1
- data/lib/aws/dynamo_db/client.rb +2 -0
- data/lib/aws/ec2.rb +0 -1
- data/lib/aws/ec2/client.rb +21 -0
- data/lib/aws/elastic_beanstalk.rb +0 -1
- data/lib/aws/elastic_beanstalk/client.rb +3 -0
- data/lib/aws/elastic_transcoder.rb +0 -1
- data/lib/aws/elastic_transcoder/client.rb +2 -0
- data/lib/aws/elasticache.rb +0 -1
- data/lib/aws/elasticache/client.rb +2 -0
- data/lib/aws/elb.rb +0 -1
- data/lib/aws/elb/client.rb +2 -0
- data/lib/aws/emr.rb +0 -1
- data/lib/aws/emr/client.rb +2 -0
- data/lib/aws/glacier.rb +0 -1
- data/lib/aws/glacier/client.rb +2 -0
- data/lib/aws/iam.rb +0 -1
- data/lib/aws/iam/client.rb +2 -0
- data/lib/aws/import_export.rb +0 -1
- data/lib/aws/import_export/client.rb +2 -0
- data/lib/aws/kinesis.rb +0 -1
- data/lib/aws/kinesis/client.rb +2 -0
- data/lib/aws/ops_works.rb +0 -1
- data/lib/aws/ops_works/client.rb +2 -0
- data/lib/aws/rds.rb +0 -1
- data/lib/aws/rds/client.rb +2 -0
- data/lib/aws/redshift.rb +0 -1
- data/lib/aws/redshift/client.rb +2 -0
- data/lib/aws/route_53.rb +0 -1
- data/lib/aws/route_53/client.rb +2 -0
- data/lib/aws/s3.rb +1 -0
- data/lib/aws/s3/bucket_collection.rb +9 -7
- data/lib/aws/s3/client.rb +70 -9
- data/lib/aws/s3/config.rb +12 -0
- data/lib/aws/s3/object_collection.rb +4 -9
- data/lib/aws/s3/presign_v4.rb +127 -0
- data/lib/aws/s3/presigned_post.rb +1 -1
- data/lib/aws/s3/request.rb +0 -136
- data/lib/aws/s3/s3_object.rb +40 -19
- data/lib/aws/simple_db.rb +0 -1
- data/lib/aws/simple_db/client.rb +2 -0
- data/lib/aws/simple_email_service.rb +0 -1
- data/lib/aws/simple_email_service/client.rb +2 -0
- data/lib/aws/simple_workflow.rb +0 -1
- data/lib/aws/simple_workflow/client.rb +2 -0
- data/lib/aws/sns.rb +0 -1
- data/lib/aws/sns/client.rb +2 -0
- data/lib/aws/sqs.rb +0 -1
- data/lib/aws/sqs/client.rb +2 -0
- data/lib/aws/storage_gateway.rb +0 -1
- data/lib/aws/storage_gateway/client.rb +2 -0
- data/lib/aws/sts.rb +0 -1
- data/lib/aws/sts/client.rb +2 -0
- data/lib/aws/support.rb +0 -1
- data/lib/aws/support/client.rb +2 -0
- data/lib/aws/version.rb +1 -1
- metadata +12 -38
- data/lib/aws/auto_scaling/request.rb +0 -29
- data/lib/aws/cloud_formation/request.rb +0 -29
- data/lib/aws/cloud_front/request.rb +0 -30
- data/lib/aws/cloud_search/request.rb +0 -23
- data/lib/aws/cloud_trail/request.rb +0 -30
- data/lib/aws/cloud_watch/request.rb +0 -29
- data/lib/aws/core/signature/version_2.rb +0 -56
- data/lib/aws/core/signature/version_3.rb +0 -77
- data/lib/aws/core/signature/version_3_https.rb +0 -54
- data/lib/aws/core/signature/version_4.rb +0 -135
- data/lib/aws/core/signer.rb +0 -46
- data/lib/aws/data_pipeline/request.rb +0 -26
- data/lib/aws/direct_connect/request.rb +0 -27
- data/lib/aws/dynamo_db/request.rb +0 -26
- data/lib/aws/ec2/request.rb +0 -21
- data/lib/aws/elastic_beanstalk/request.rb +0 -29
- data/lib/aws/elastic_transcoder/request.rb +0 -30
- data/lib/aws/elasticache/request.rb +0 -23
- data/lib/aws/elb/request.rb +0 -29
- data/lib/aws/emr/request.rb +0 -28
- data/lib/aws/glacier/request.rb +0 -29
- data/lib/aws/iam/request.rb +0 -29
- data/lib/aws/import_export/request.rb +0 -23
- data/lib/aws/kinesis/request.rb +0 -26
- data/lib/aws/ops_works/request.rb +0 -27
- data/lib/aws/rds/request.rb +0 -29
- data/lib/aws/redshift/request.rb +0 -29
- data/lib/aws/route_53/request.rb +0 -23
- data/lib/aws/simple_db/request.rb +0 -23
- data/lib/aws/simple_email_service/request.rb +0 -27
- data/lib/aws/simple_workflow/request.rb +0 -28
- data/lib/aws/sns/request.rb +0 -29
- data/lib/aws/sqs/request.rb +0 -31
- data/lib/aws/storage_gateway/request.rb +0 -28
- data/lib/aws/sts/request.rb +0 -29
- data/lib/aws/support/request.rb +0 -27
data/lib/aws/kinesis.rb
CHANGED
data/lib/aws/kinesis/client.rb
CHANGED
data/lib/aws/ops_works.rb
CHANGED
data/lib/aws/ops_works/client.rb
CHANGED
data/lib/aws/rds.rb
CHANGED
@@ -49,7 +49,6 @@ module AWS
|
|
49
49
|
autoload :DBInstanceCollection, 'aws/rds/db_instance_collection'
|
50
50
|
autoload :DBSnapshot, 'aws/rds/db_snapshot'
|
51
51
|
autoload :DBSnapshotCollection, 'aws/rds/db_snapshot_collection'
|
52
|
-
autoload :Request, 'aws/rds/request'
|
53
52
|
|
54
53
|
include Core::ServiceInterface
|
55
54
|
|
data/lib/aws/rds/client.rb
CHANGED
data/lib/aws/redshift.rb
CHANGED
data/lib/aws/redshift/client.rb
CHANGED
data/lib/aws/route_53.rb
CHANGED
@@ -70,7 +70,6 @@ module AWS
|
|
70
70
|
autoload :Errors, 'aws/route_53/errors'
|
71
71
|
autoload :HostedZone, 'aws/route_53/hosted_zone'
|
72
72
|
autoload :HostedZoneCollection, 'aws/route_53/hosted_zone_collection'
|
73
|
-
autoload :Request, 'aws/route_53/request'
|
74
73
|
autoload :ResourceRecordSet, 'aws/route_53/resource_record_set'
|
75
74
|
autoload :ResourceRecordSetCollection, 'aws/route_53/resource_record_set_collection'
|
76
75
|
|
data/lib/aws/route_53/client.rb
CHANGED
data/lib/aws/s3.rb
CHANGED
@@ -134,6 +134,7 @@ module AWS
|
|
134
134
|
autoload :PrefixAndDelimiterCollection, 'aws/s3/prefix_and_delimiter_collection'
|
135
135
|
autoload :PrefixedCollection, 'aws/s3/prefixed_collection'
|
136
136
|
autoload :PresignedPost, 'aws/s3/presigned_post'
|
137
|
+
autoload :PresignV4, 'aws/s3/presign_v4'
|
137
138
|
autoload :Request, 'aws/s3/request'
|
138
139
|
autoload :S3Object, 'aws/s3/s3_object'
|
139
140
|
autoload :Tree, 'aws/s3/tree'
|
@@ -102,11 +102,7 @@ module AWS
|
|
102
102
|
config.s3_endpoint == 's3.amazonaws.com' or
|
103
103
|
options[:location_constraint]
|
104
104
|
then
|
105
|
-
constraint =
|
106
|
-
case config.s3_endpoint
|
107
|
-
when 's3-eu-west-1.amazonaws.com' then 'EU'
|
108
|
-
when /^s3-(.*)\.amazonaws\.com$/ then $1
|
109
|
-
end
|
105
|
+
constraint = guess_constraint
|
110
106
|
options[:location_constraint] = constraint if constraint
|
111
107
|
end
|
112
108
|
|
@@ -148,13 +144,19 @@ module AWS
|
|
148
144
|
nil
|
149
145
|
end
|
150
146
|
|
151
|
-
# @api private
|
152
147
|
private
|
148
|
+
|
153
149
|
def bucket_named name, owner = nil
|
154
150
|
S3::Bucket.new(name.to_s, :owner => owner, :config => config)
|
155
151
|
end
|
156
152
|
|
157
|
-
|
153
|
+
def guess_constraint
|
154
|
+
case config.s3_endpoint
|
155
|
+
when 's3-eu-west-1.amazonaws.com' then 'EU'
|
156
|
+
when /^s3[.-](.*)\.amazonaws\.com/ then $1
|
157
|
+
end
|
158
|
+
end
|
158
159
|
|
160
|
+
end
|
159
161
|
end
|
160
162
|
end
|
data/lib/aws/s3/client.rb
CHANGED
@@ -25,6 +25,8 @@ module AWS
|
|
25
25
|
# Client class for Amazon Simple Storage Service (S3).
|
26
26
|
class Client < Core::Client
|
27
27
|
|
28
|
+
signature_version :S3
|
29
|
+
|
28
30
|
API_VERSION = '2006-03-01'
|
29
31
|
|
30
32
|
XMLNS = "http://s3.amazonaws.com/doc/#{API_VERSION}/"
|
@@ -45,8 +47,41 @@ module AWS
|
|
45
47
|
include DataOptions
|
46
48
|
include Core::UriEscape
|
47
49
|
|
50
|
+
# @param [Core::Http::Request] request
|
51
|
+
# @api private
|
52
|
+
def sign_request request
|
53
|
+
version = @config.s3_signature_version ?
|
54
|
+
@config.s3_signature_version.to_sym :
|
55
|
+
(@region =~ /cn-/ ? :v4 : :v3)
|
56
|
+
case version
|
57
|
+
when :v4 then v4_signer.sign_request(request)
|
58
|
+
when :v3 then v3_signer.sign_request(request)
|
59
|
+
else
|
60
|
+
raise "invalid signature version #{version.inspect}"
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
48
64
|
protected
|
49
65
|
|
66
|
+
# @return [Core::Signers::S3]
|
67
|
+
def v3_signer
|
68
|
+
@v3_signer ||= Core::Signers::S3.new(credential_provider)
|
69
|
+
end
|
70
|
+
|
71
|
+
# @return [Core::Signers::Version4]
|
72
|
+
def v4_signer
|
73
|
+
@v4_signer ||= begin
|
74
|
+
Core::Signers::Version4.new(credential_provider, 's3', @region)
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
78
|
+
# @param [Http::Request] req
|
79
|
+
# @return [Boolean]
|
80
|
+
def chunk_sign? req
|
81
|
+
req.http_method == 'PUT' &&
|
82
|
+
req.headers['content-length'].to_i > 2 * 1024 * 1024 # 2MB
|
83
|
+
end
|
84
|
+
|
50
85
|
def self.bucket_method(method_name, verb, *args, &block)
|
51
86
|
|
52
87
|
method_options = (args.pop if args.last.kind_of?(Hash)) || {}
|
@@ -101,6 +136,32 @@ module AWS
|
|
101
136
|
|
102
137
|
protected
|
103
138
|
|
139
|
+
def set_metadata request, options
|
140
|
+
if metadata = options[:metadata]
|
141
|
+
Array(metadata).each do |name, value|
|
142
|
+
request.headers["x-amz-meta-#{name}"] = value
|
143
|
+
end
|
144
|
+
end
|
145
|
+
end
|
146
|
+
|
147
|
+
def set_storage_class request, options
|
148
|
+
storage_class = options[:storage_class]
|
149
|
+
if storage_class.kind_of?(Symbol)
|
150
|
+
request.headers["x-amz-storage-class"] = storage_class.to_s.upcase
|
151
|
+
elsif storage_class
|
152
|
+
request.headers["x-amz-storage-class"] = storage_class
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
156
|
+
def set_server_side_encryption request, options
|
157
|
+
sse = options[:server_side_encryption]
|
158
|
+
if sse.is_a?(Symbol)
|
159
|
+
request.headers['x-amz-server-side-encryption'] = sse.to_s.upcase
|
160
|
+
elsif sse
|
161
|
+
request.headers['x-amz-server-side-encryption'] = sse
|
162
|
+
end
|
163
|
+
end
|
164
|
+
|
104
165
|
def extract_error_details response
|
105
166
|
if
|
106
167
|
(response.http_response.status >= 300 ||
|
@@ -1314,9 +1375,9 @@ module AWS
|
|
1314
1375
|
options = compute_write_options(options)
|
1315
1376
|
set_body_stream_and_content_length(request, options)
|
1316
1377
|
|
1317
|
-
request
|
1318
|
-
request
|
1319
|
-
request
|
1378
|
+
set_metadata(request, options)
|
1379
|
+
set_storage_class(request, options)
|
1380
|
+
set_server_side_encryption(request, options)
|
1320
1381
|
|
1321
1382
|
super(request, options)
|
1322
1383
|
|
@@ -1563,9 +1624,9 @@ module AWS
|
|
1563
1624
|
}) do
|
1564
1625
|
|
1565
1626
|
configure_request do |req, options|
|
1566
|
-
req
|
1567
|
-
req
|
1568
|
-
req
|
1627
|
+
set_metadata(req, options)
|
1628
|
+
set_storage_class(req, options)
|
1629
|
+
set_server_side_encryption(req, options)
|
1569
1630
|
super(req, options)
|
1570
1631
|
end
|
1571
1632
|
|
@@ -1805,9 +1866,9 @@ module AWS
|
|
1805
1866
|
|
1806
1867
|
options = options.merge(:copy_source => escape_path(options[:copy_source]))
|
1807
1868
|
super(req, options)
|
1808
|
-
req
|
1809
|
-
req
|
1810
|
-
req
|
1869
|
+
set_metadata(req, options)
|
1870
|
+
set_storage_class(req, options)
|
1871
|
+
set_server_side_encryption(req, options)
|
1811
1872
|
|
1812
1873
|
if options[:version_id]
|
1813
1874
|
req.headers['x-amz-copy-source'] += "?versionId=#{options[:version_id]}"
|
data/lib/aws/s3/config.rb
CHANGED
@@ -39,4 +39,16 @@ AWS::Core::Configuration.module_eval do
|
|
39
39
|
|
40
40
|
add_option :s3_storage_class, 'STANDARD'
|
41
41
|
|
42
|
+
add_option :s3_signature_version do |config, value|
|
43
|
+
if config.s3_region.match(/^cn-/)
|
44
|
+
:v4
|
45
|
+
elsif value
|
46
|
+
value
|
47
|
+
elsif config.s3 && config.s3[:signature_version]
|
48
|
+
config.s3[:signature_version]
|
49
|
+
else
|
50
|
+
:v3
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
42
54
|
end
|
@@ -282,8 +282,8 @@ module AWS
|
|
282
282
|
super
|
283
283
|
end
|
284
284
|
|
285
|
-
|
286
|
-
|
285
|
+
private
|
286
|
+
|
287
287
|
def each_member_in_page(page, &block)
|
288
288
|
super
|
289
289
|
page.contents.each do |content|
|
@@ -291,20 +291,14 @@ module AWS
|
|
291
291
|
end
|
292
292
|
end
|
293
293
|
|
294
|
-
# @api private
|
295
|
-
protected
|
296
294
|
def list_request options
|
297
295
|
client.list_objects(options)
|
298
296
|
end
|
299
297
|
|
300
|
-
# @api private
|
301
|
-
protected
|
302
298
|
def limit_param
|
303
299
|
:max_keys
|
304
300
|
end
|
305
301
|
|
306
|
-
# @api private
|
307
|
-
protected
|
308
302
|
def next_markers page
|
309
303
|
if page[:next_marker]
|
310
304
|
marker = page[:next_marker]
|
@@ -344,7 +338,8 @@ module AWS
|
|
344
338
|
process_batch unless @batch.empty?
|
345
339
|
end
|
346
340
|
|
347
|
-
|
341
|
+
private
|
342
|
+
|
348
343
|
def process_batch
|
349
344
|
response = @block.call(@batch)
|
350
345
|
@after_batch.call(response) if @after_batch
|
@@ -0,0 +1,127 @@
|
|
1
|
+
# Copyright 2011-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License"). You
|
4
|
+
# may not use this file except in compliance with the License. A copy of
|
5
|
+
# the License is located at
|
6
|
+
#
|
7
|
+
# http://aws.amazon.com/apache2.0/
|
8
|
+
#
|
9
|
+
# or in the "license" file accompanying this file. This file is
|
10
|
+
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
|
11
|
+
# ANY KIND, either express or implied. See the License for the specific
|
12
|
+
# language governing permissions and limitations under the License.
|
13
|
+
|
14
|
+
module AWS
|
15
|
+
class S3
|
16
|
+
|
17
|
+
# Utility class for building pre-signed URLs for Amazon S3 objects using
|
18
|
+
# signature version 4.
|
19
|
+
class PresignV4
|
20
|
+
|
21
|
+
# @param [S3Object] object
|
22
|
+
def initialize(object)
|
23
|
+
@object = object
|
24
|
+
@client = object.client
|
25
|
+
@signer = object.client.send(:v4_signer)
|
26
|
+
end
|
27
|
+
|
28
|
+
# @return [S3Object]
|
29
|
+
attr_reader :object
|
30
|
+
|
31
|
+
# @return [Client]
|
32
|
+
attr_reader :client
|
33
|
+
|
34
|
+
# @return [Core::Signers::Version4]
|
35
|
+
attr_reader :signer
|
36
|
+
|
37
|
+
# @param (see S3Object#url_for)
|
38
|
+
# @option (see S3Object#url_for)
|
39
|
+
# @return (see S3Object#url_for)
|
40
|
+
def presign(method, options = {})
|
41
|
+
|
42
|
+
now = Time.now.utc.strftime("%Y%m%dT%H%M%SZ")
|
43
|
+
|
44
|
+
request = build_request(method, options)
|
45
|
+
|
46
|
+
request.headers.clear
|
47
|
+
request.headers['host'] = request.host
|
48
|
+
signed_headers = 'Host'
|
49
|
+
|
50
|
+
# must be sent along with the PUT request headers
|
51
|
+
if options[:acl]
|
52
|
+
request.headers['X-Amz-Acl'] = options[:acl].to_s.gsub(/_/, '-')
|
53
|
+
signed_headers << ';X-Amz-Acl'
|
54
|
+
end
|
55
|
+
|
56
|
+
# must be sent along with the PUT request headers
|
57
|
+
if options[:content_md5]
|
58
|
+
request.headers['Content-MD5'] = options[:content_md5]
|
59
|
+
signed_headers << ';Content-MD5'
|
60
|
+
end
|
61
|
+
|
62
|
+
request_params = Core::Signers::S3::QUERY_PARAMS.map do |p|
|
63
|
+
param = p.tr("-","_").to_sym
|
64
|
+
if options.key?(param)
|
65
|
+
request.add_param(p, options[param])
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
request.add_param("X-Amz-Algorithm", "AWS4-HMAC-SHA256")
|
70
|
+
request.add_param("X-Amz-Date", now)
|
71
|
+
request.add_param("X-Amz-SignedHeaders", signed_headers)
|
72
|
+
request.add_param("X-Amz-Expires", seconds_away(options[:expires]))
|
73
|
+
request.add_param("X-Amz-Credential", signer.credential(now))
|
74
|
+
request.add_param("X-Amz-Signature", signature(request, now))
|
75
|
+
|
76
|
+
build_uri(request, options)
|
77
|
+
|
78
|
+
end
|
79
|
+
|
80
|
+
private
|
81
|
+
|
82
|
+
def build_request(method, options)
|
83
|
+
path_style = object.config.s3_force_path_style
|
84
|
+
params = options.merge(
|
85
|
+
:bucket_name => object.bucket.name,
|
86
|
+
:key => object.key,
|
87
|
+
:data => '',
|
88
|
+
)
|
89
|
+
req = client.send(:build_request, operation_name(method), params)
|
90
|
+
req.force_path_style = options.fetch(:force_path_style, path_style)
|
91
|
+
req
|
92
|
+
end
|
93
|
+
|
94
|
+
def operation_name(method)
|
95
|
+
case method
|
96
|
+
when :get, :read then :get_object
|
97
|
+
when :put, :write then :put_object
|
98
|
+
when :delete then :delete_object
|
99
|
+
else
|
100
|
+
msg = "invalid method, expected :get, :put or :delete, got "
|
101
|
+
msg << method.inspect
|
102
|
+
raise ArgumentError msg
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
106
|
+
def signature(request, datetime)
|
107
|
+
key = signer.derive_key(datetime)
|
108
|
+
signer.signature(request, key, datetime, 'UNSIGNED-PAYLOAD')
|
109
|
+
end
|
110
|
+
|
111
|
+
def build_uri(request, options)
|
112
|
+
uri_class = options[:secure] ? URI::HTTPS : URI::HTTP
|
113
|
+
uri_class.build(
|
114
|
+
:host => request.host,
|
115
|
+
:port => request.port,
|
116
|
+
:path => request.path,
|
117
|
+
:query => request.querystring
|
118
|
+
)
|
119
|
+
end
|
120
|
+
|
121
|
+
def seconds_away(expires)
|
122
|
+
expires - Time.now.to_i
|
123
|
+
end
|
124
|
+
|
125
|
+
end
|
126
|
+
end
|
127
|
+
end
|
@@ -342,7 +342,7 @@ module AWS
|
|
342
342
|
def fields
|
343
343
|
|
344
344
|
secret = config.credential_provider.secret_access_key
|
345
|
-
signature = Core::
|
345
|
+
signature = Core::Signers::Base.sign(secret, policy, 'sha1')
|
346
346
|
|
347
347
|
fields = {
|
348
348
|
"AWSAccessKeyId" => config.credential_provider.access_key_id,
|